<?php
namespace app\common\controller;

use app\common\controller\_BaseController;
use app\model\Token;
use app\model\Role;

class _AdminController extends _BaseController
{
    protected function initialize()
    {   
        parent::initialize();
        $this->checkToken();
        // $this->checkRole();
    }

    public function checkToken()
    {
        
    	$token = request()->param(config('params.token_field'));
    	$token = Token::getToken($token);
        if(!$token) parent::resError('无效token！',1001);
        $user = Token::getUserById($token->user_id,$token->user_type);
    	if(!$user || $token->user_type!=Token::TYPE_ADMIN) parent::resError('无效token！',1001);
        $user['type'] = 1;
    	$this->user = $user;
        return;
    }
	
    protected function checkRole()
    {   

        $path = "/".$this->request->path();
        $role = Role::get($this->user['role_id']);
        $permission = unserialize($role->permission);
        $items = Permission::all($permission);
        foreach($items as $item){
            if($item->path == $path && $item->status == self::STATUS_ENABLE ){
                return true;
            }
        }
        return parent::resError('没有权限进行此操作');
    }
}
